> ## Documentation Index > Fetch the complete documentation index at: https://docs.corbado.com/llms.txt > Use this file to discover all available pages before exploring further. # Start passkey append > Starts the process of appending a new passkey. ## OpenAPI ````yaml https://frontendapi.cloud.corbado.io/v2/openapi.yaml post /v2/auth/passkey/append/start openapi: 3.0.3 info: version: 2.0.4 title: Corbado Frontend API description: >- Overview of all Corbado Frontend API calls to implement passwordless authentication. contact: name: Corbado team email: support@corbado.com url: https://www.corbado.com servers: - url: https://{projectId}.frontendapi.corbado.io variables: projectId: description: Your Corbado project ID default: pro-000000 security: - bearerAuth: [] - projectID: [] tags: - name: Auth description: All API calls that are related to an authentication process. - name: Configs description: All API calls to manage configurations - name: Users description: All API calls to manage users - name: CorbadoConnect description: All API calls that are related to a connect process - name: OIDC description: All API calls that are related to OpenID Connect - name: WellKnown description: All API calls that are related to WellKnown assets paths: /v2/auth/passkey/append/start: post: tags: - Auth summary: Start passkey append description: Starts the process of appending a new passkey. operationId: PasskeyAppendStart requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/passkeyAppendStartReq' responses: '200': description: tbd content: application/json: schema: $ref: '#/components/schemas/processResponse' components: schemas: passkeyAppendStartReq: type: object properties: clientInformation: $ref: '#/components/schemas/clientInformation' processResponse: type: object required: - blockBody - common properties: blockBody: $ref: '#/components/schemas/blockBody' common: $ref: '#/components/schemas/processCommon' newProcess: $ref: '#/components/schemas/processStaticInfo' clientInformation: type: object properties: bluetoothAvailable: type: boolean clientEnvHandle: type: string visitorId: type: string canUsePasskeys: type: boolean description: >- Deprecated, use isUserVerifyingPlatformAuthenticatorAvailable instead isUserVerifyingPlatformAuthenticatorAvailable: type: boolean isConditionalMediationAvailable: type: boolean clientCapabilities: $ref: '#/components/schemas/clientCapabilities' javaScriptHighEntropy: $ref: '#/components/schemas/javaScriptHighEntropy' isNative: type: boolean webdriver: type: boolean privateMode: type: boolean clientEnvHandleMeta: $ref: '#/components/schemas/clientStateMeta' nativeMeta: $ref: '#/components/schemas/nativeMeta' blockBody: type: object required: - block - data - authType properties: block: $ref: '#/components/schemas/blockType' authType: $ref: '#/components/schemas/authType' data: type: object discriminator: propertyName: blockType oneOf: - $ref: '#/components/schemas/generalBlockPasskeyAppend' - $ref: '#/components/schemas/generalBlockPasskeyVerify' - $ref: '#/components/schemas/generalBlockVerifyIdentifier' - $ref: '#/components/schemas/generalBlockPasskeyAppended' - $ref: '#/components/schemas/generalBlockCompleted' - $ref: '#/components/schemas/generalBlockSignupInit' - $ref: '#/components/schemas/generalBlockLoginInit' - $ref: '#/components/schemas/generalBlockPostSignupEmailVerify' alternatives: type: array items: $ref: '#/components/schemas/blockBody' error: $ref: '#/components/schemas/requestError' continueOnOtherDevice: $ref: '#/components/schemas/continueOnOtherDevice' processCommon: type: object required: - appName - frontendApiUrl - hideBadge - environment properties: appName: type: string frontendApiUrl: type: string hideBadge: type: boolean environment: type: string processStaticInfo: type: object required: - token - expiresAt properties: token: type: string expiresAt: type: integer clientCapabilities: type: object properties: conditionalCreate: type: boolean conditionalMediation: type: boolean conditionalGet: type: boolean hybridTransport: type: boolean passkeyPlatformAuthenticator: type: boolean userVerifyingPlatformAuthenticator: type: boolean relatedOrigins: type: boolean signalAllAcceptedCredentials: type: boolean signalCurrentUserDetails: type: boolean signalUnknownCredential: type: boolean javaScriptHighEntropy: type: object required: - platform - platformVersion - mobile properties: platform: type: string platformVersion: type: string mobile: type: boolean clientStateMeta: type: object required: - ts - source properties: ts: type: integer format: int64 source: type: string enum: - ls - url - native nativeMeta: type: object required: - platform - platformVersion - displayName properties: platform: type: string platformVersion: type: string name: type: string version: type: string displayName: type: string build: type: string deviceOwnerAuth: type: string enum: - none - code - biometrics isBluetoothAvailable: type: boolean isBluetoothOn: type: boolean isGooglePlayServices: type: boolean isDeviceSecure: type: boolean error: type: string brand: type: string model: type: string locale: type: string screen: $ref: '#/components/schemas/nativeMetaScreen' sdkInitTimeMs: type: integer format: int64 blockType: type: string enum: - signup-init - passkey-append - phone-verify - email-verify - passkey-appended - completed - social-verify - login-init - passkey-verify - conditional-ui-completed - post-signup-email-verify - passkey-append-after-hybrid authType: type: string enum: - signup - login generalBlockPasskeyAppend: type: object required: - blockType - challenge - identifierValue - identifierType - autoSubmit - passkeyIconSet - variant properties: blockType: type: string challenge: type: string identifierValue: type: string identifierType: $ref: '#/components/schemas/loginIdentifierType' autoSubmit: type: boolean passkeyIconSet: $ref: '#/components/schemas/passkeyIconSet' variant: type: string enum: - default - after-hybrid - after-error - after-no-credential generalBlockPasskeyVerify: type: object required: - blockType - challenge - identifierValue properties: blockType: type: string challenge: type: string identifierValue: type: string loginHint: type: string enum: - cda generalBlockVerifyIdentifier: type: object required: - verificationMethod - identifier - alternativeVerificationMethods - isPostLoginVerification - blockType properties: blockType: type: string verificationMethod: $ref: '#/components/schemas/verificationMethod' identifier: type: string retryNotBefore: type: integer format: int32 error: $ref: '#/components/schemas/requestError' alternativeVerificationMethods: type: array items: type: object required: - verificationMethod - identifier properties: verificationMethod: $ref: '#/components/schemas/verificationMethod' identifier: type: string isPostLoginVerification: type: boolean generalBlockPasskeyAppended: type: object required: - blockType properties: blockType: type: string generalBlockCompleted: type: object required: - blockType - shortSession - sessionToken properties: blockType: type: string longSession: type: string deprecated: true x-deprecated-reason: Old code description: >- This is only set if the project environment is set to 'dev'. If set the UI components will set the longSession in local storage because the cookie dropping will not work in Safari for example ("third-party cookie"). refreshToken: type: string description: >- This is only set if the project environment is set to 'dev'. If set the UI components will set the longSession in local storage because the cookie dropping will not work in Safari for example ("third-party cookie"). shortSession: type: string deprecated: true x-deprecated-reason: Old code sessionToken: type: string passkeyOperation: $ref: '#/components/schemas/passkeyOperation' generalBlockSignupInit: type: object required: - blockType - identifiers - socialProviders properties: blockType: type: string identifiers: type: array items: $ref: '#/components/schemas/loginIdentifierWithError' fullName: $ref: '#/components/schemas/fullNameWithError' socialData: $ref: '#/components/schemas/socialData' error: $ref: '#/components/schemas/requestError' generalBlockLoginInit: type: object required: - blockType - identifierValue - isPhone - isPhoneAvailable - isEmailAvailable - isUsernameAvailable - socialData properties: blockType: type: string conditionalUIChallenge: type: string identifierValue: type: string isPhone: type: boolean isPhoneAvailable: type: boolean isEmailAvailable: type: boolean isUsernameAvailable: type: boolean socialData: $ref: '#/components/schemas/socialData' fieldError: $ref: '#/components/schemas/requestError' error: $ref: '#/components/schemas/requestError' generalBlockPostSignupEmailVerify: type: object required: - blockType properties: blockType: type: string error: $ref: '#/components/schemas/requestError' requestError: type: object required: - code - message properties: code: type: string message: type: string continueOnOtherDevice: type: object required: - reason properties: reason: type: string enum: - email-link-verified - process-already-completed nativeMetaScreen: type: object required: - widthPoints - heightPoints - scale properties: widthPoints: type: number format: float heightPoints: type: number format: float scale: type: number format: float loginIdentifierType: type: string enum: - email - phone - username passkeyIconSet: type: string enum: - default - apple - android - windows verificationMethod: type: string enum: - email-link - email-otp - phone-otp passkeyOperation: type: object required: - operationType - identifierValue - identifierType - ceremonyType properties: operationType: type: string enum: - append - verify identifierValue: type: string identifierType: $ref: '#/components/schemas/loginIdentifierType' ceremonyType: type: string enum: - local - cda - security-key aaguidDetails: $ref: '#/components/schemas/aaguidDetails' loginIdentifierWithError: type: object required: - type - identifier properties: type: $ref: '#/components/schemas/loginIdentifierType' identifier: type: string error: $ref: '#/components/schemas/requestError' fullNameWithError: type: object required: - fullName properties: fullName: type: string error: $ref: '#/components/schemas/requestError' socialData: type: object required: - providers - status properties: providers: type: array items: type: string description: Type of the social provider. enum: - google - microsoft - github status: type: string enum: - initial - started - finished oauthUrl: type: string error: $ref: '#/components/schemas/requestError' aaguidDetails: type: object required: - name - iconLight - iconDark properties: name: type: string iconLight: type: string iconDark: type: string securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT description: > After a user logs in successfully, a session is created and a JWT token is returned. This token represents the user's authenticated session. It must be included in the `Authorization` header as a Bearer token for all protected endpoints: `Authorization: Bearer ` The server will validate this token to authorize access. projectID: type: apiKey in: header name: X-Corbado-ProjectID description: | Identifies your project context for Corbado. Include this in the request headers as: `X-Corbado-ProjectID: ` ````